[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2024-9341":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T20:55:33.689Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":195,"aliases":196,"duplicate_of":9,"upstream":199,"downstream":200,"duplicates":253,"related":254,"reserved_at":9,"published_at":274,"modified_at":275,"state":276,"summary":277,"references_raw":286,"kevs":383,"epss":384,"epss_history":387,"metrics":651,"affected":668},"CVE-2024-9341","A flaw was found in Go. When FIPS mode is enabled on a system, container runtimes may incorrectly handle certain file paths due to improper validation in the containers/common Go library. This flaw allows an attacker to exploit symbolic links and trick the system into mounting sensitive host directories inside a container. This issue also allows attackers to access critical host files, bypassing the intended isolation between containers and the host system.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-59","Improper Link Resolution Before File Access ('Link Following')","The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.","weakness","Draft","Base","Medium",[20,101,162,191],{"id":21,"name":22,"techniques":23},"CAPEC-132","Symlink Attack",[24],{"id":25,"name":26,"tactics":27,"countermeasures":34},"T1547.009","Shortcut Modification",[28,31],{"id":29,"name":30},"TA0110","Persistence",{"id":32,"name":33},"TA0111","Privilege Escalation",[35,40,44,48,52,57,62,67,72,77,81,85,89,93,97],{"id":36,"name":37,"tactic":38},"D3-FA","File Analysis",{"name":39},"Detect",{"id":41,"name":42,"tactic":43},"D3-FIM","File Integrity Monitoring",{"name":39},{"id":45,"name":46,"tactic":47},"D3-DA","Dynamic Analysis",{"name":39},{"id":49,"name":50,"tactic":51},"D3-EFA","Emulated File Analysis",{"name":39},{"id":53,"name":54,"tactic":55},"D3-FEV","File Eviction",{"name":56},"Evict",{"id":58,"name":59,"tactic":60},"D3-DF","Decoy File",{"name":61},"Deceive",{"id":63,"name":64,"tactic":65},"D3-FE","File Encryption",{"name":66},"Harden",{"id":68,"name":69,"tactic":70},"D3-RF","Restore File",{"name":71},"Restore",{"id":73,"name":74,"tactic":75},"D3-CF","Content Filtering",{"name":76},"Isolate",{"id":78,"name":79,"tactic":80},"D3-LFP","Local File Permissions",{"name":76},{"id":82,"name":83,"tactic":84},"D3-RFAM","Remote File Access Mediation",{"name":76},{"id":86,"name":87,"tactic":88},"D3-CQ","Content Quarantine",{"name":76},{"id":90,"name":91,"tactic":92},"D3-CM","Content Modification",{"name":76},{"id":94,"name":95,"tactic":96},"D3-EAL","Executable Allowlisting",{"name":76},{"id":98,"name":99,"tactic":100},"D3-EDL","Executable Denylisting",{"name":76},{"id":102,"name":103,"techniques":104},"CAPEC-17","Using Malicious Files",[105,142],{"id":106,"name":107,"tactics":108,"countermeasures":120},"T1574.005","Executable Installer File Permissions Weakness",[109,110,111,114,117],{"id":29,"name":30},{"id":32,"name":33},{"id":112,"name":113},"TA0030","Defense Evasion",{"id":115,"name":116},"TA0005","Stealth",{"id":118,"name":119},"TA0104","Execution",[121,126,130,134,138],{"id":122,"name":123,"tactic":124},"D3-SWI","Software Inventory",{"name":125},"Model",{"id":127,"name":128,"tactic":129},"D3-AVE","Asset Vulnerability Enumeration",{"name":125},{"id":131,"name":132,"tactic":133},"D3-SBV","Service Binary Verification",{"name":39},{"id":135,"name":136,"tactic":137},"D3-SU","Software Update",{"name":66},{"id":139,"name":140,"tactic":141},"D3-RS","Restore Software",{"name":71},{"id":143,"name":144,"tactics":145,"countermeasures":151},"T1574.010","Services File Permissions Weakness",[146,147,148,149,150],{"id":29,"name":30},{"id":32,"name":33},{"id":112,"name":113},{"id":115,"name":116},{"id":118,"name":119},[152,154,156,158,160],{"id":122,"name":123,"tactic":153},{"name":125},{"id":127,"name":128,"tactic":155},{"name":125},{"id":131,"name":132,"tactic":157},{"name":39},{"id":135,"name":136,"tactic":159},{"name":66},{"id":139,"name":140,"tactic":161},{"name":71},{"id":163,"name":164,"techniques":165},"CAPEC-35","Leverage Executable Code in Non-Executable Files",[166,173,180],{"id":167,"name":168,"tactics":169,"countermeasures":172},"T1027.006","HTML Smuggling",[170,171],{"id":112,"name":113},{"id":115,"name":116},[],{"id":174,"name":175,"tactics":176,"countermeasures":179},"T1027.009","Embedded Payloads",[177,178],{"id":112,"name":113},{"id":115,"name":116},[],{"id":181,"name":182,"tactics":183,"countermeasures":186},"T1564.009","Resource Forking",[184,185],{"id":112,"name":113},{"id":115,"name":116},[187],{"id":188,"name":189,"tactic":190},"D3-FFV","File Format Verification",{"name":76},{"id":192,"name":193,"techniques":194},"CAPEC-76","Manipulating Web Input to File System Calls",[],[],[197,198],"GHSA-mc76-5925-c5p6","GO-2024-3171",[],[201,203,205,207,209,211,213,215,217,219,221,223,225,227,229,231,233,235,237,239,241,243,245,247,249,251],{"_key":202},"SUSE-SU-2024:3988-1",{"_key":204},"SUSE-SU-2024:4303-1",{"_key":206},"SUSE-SU-2025:0267-1",{"_key":208},"SUSE-SU-2025:0775-1",{"_key":210},"OPENSUSE-SU-2024:0350-1",{"_key":212},"SUSE-SU-2024:3545-1",{"_key":214},"SUSE-SU-2024:3546-1",{"_key":216},"SUSE-SU-2024:3911-1",{"_key":218},"OPENSUSE-SU-2024:14388-1",{"_key":220},"OPENSUSE-SU-2024:14390-1",{"_key":222},"OPENSUSE-SU-2024:14447-1",{"_key":224},"SUSE-SU-2025:20080-1",{"_key":226},"MGASA-2024-0343",{"_key":228},"DEBIAN-CVE-2024-9341",{"_key":230},"RHSA-2024:7925",{"_key":232},"RHSA-2024:8238",{"_key":234},"RHSA-2024:8846",{"_key":236},"UBUNTU-CVE-2024-9341",{"_key":238},"RHSA-2024:8039",{"_key":240},"RHSA-2024:8112",{"_key":242},"RHSA-2024:8263",{"_key":244},"RHSA-2024:8428",{"_key":246},"RHSA-2024:8690",{"_key":248},"RHSA-2024:8694",{"_key":250},"RHSA-2024:9454",{"_key":252},"RHSA-2024:9459",[],[255,256,257,258,259,260,261,262,263,264,265,266,267,268,270,272],{"_key":202},{"_key":204},{"_key":206},{"_key":208},{"_key":210},{"_key":212},{"_key":214},{"_key":216},{"_key":218},{"_key":220},{"_key":222},{"_key":224},{"_key":226},{"_key":269},"CGA-GM82-MRG6-7GRC",{"_key":271},"CGA-MCF2-5CJ2-FHM7",{"_key":273},"CGA-2J94-GJMP-422G","2024-10-01T18:52:00.686Z","2026-03-19T17:19:44.851Z","Modified",{"cisa_kev":278,"cisa_ransomware":278,"cisa_vendor":9,"epss_severity":279,"epss_score":280,"severity":281,"severity_score":282,"severity_version":283,"severity_source":284,"severity_vector":285,"severity_status":276},false,"low",0.00899,"high",8.2,"v3.1","nvd","CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N",[287,296,300,305,309,313,317,321,325,329,333,337,341,345,350,355,360,364,369,374,379],{"url":288,"sources":289,"tags":292},"https://access.redhat.com/errata/RHSA-2024:10147",[290,284,291],"cve.org","osv_go",[293,294,295],"Vendor Advisory","X Refsource REDHAT","WEB",{"url":297,"sources":298,"tags":299},"https://access.redhat.com/errata/RHSA-2024:10818",[290,284,291],[293,294,295],{"url":301,"sources":302,"tags":303},"https://access.redhat.com/errata/RHSA-2024:7925",[290,284,291],[293,294,304,295],"Third Party Advisory",{"url":306,"sources":307,"tags":308},"https://access.redhat.com/errata/RHSA-2024:8039",[290,284,291],[293,294,304,295],{"url":310,"sources":311,"tags":312},"https://access.redhat.com/errata/RHSA-2024:8112",[290,284,291],[293,294,304,295],{"url":314,"sources":315,"tags":316},"https://access.redhat.com/errata/RHSA-2024:8238",[290,284,291],[293,294,304,295],{"url":318,"sources":319,"tags":320},"https://access.redhat.com/errata/RHSA-2024:8263",[290,284,291],[293,294,304,295],{"url":322,"sources":323,"tags":324},"https://access.redhat.com/errata/RHSA-2024:8428",[290,284,291],[293,294,304,295],{"url":326,"sources":327,"tags":328},"https://access.redhat.com/errata/RHSA-2024:8690",[290,284,291],[293,294,304,295],{"url":330,"sources":331,"tags":332},"https://access.redhat.com/errata/RHSA-2024:8694",[290,284,291],[293,294,304,295],{"url":334,"sources":335,"tags":336},"https://access.redhat.com/errata/RHSA-2024:8846",[290,284,291],[293,294,304,295],{"url":338,"sources":339,"tags":340},"https://access.redhat.com/errata/RHSA-2024:9454",[290,284,291],[293,294,304,295],{"url":342,"sources":343,"tags":344},"https://access.redhat.com/errata/RHSA-2024:9459",[290,284,291],[293,294,304,295],{"url":346,"sources":347,"tags":348},"https://access.redhat.com/security/cve/CVE-2024-9341",[290,284,291],[349,294,304,295],"VDB Entry",{"url":351,"sources":352,"tags":353},"https://bugzilla.redhat.com/show_bug.cgi?id=2315691",[290,284,291],[354,294,304,295],"Issue Tracking",{"url":356,"sources":357,"tags":358},"https://github.com/containers/common/blob/384f77532f67afc8a73d8e0c4adb0d195df57714/pkg/subscriptions/subscriptions.go#L169",[290,284,291],[359,295],"Product",{"url":361,"sources":362,"tags":363},"https://github.com/containers/common/blob/384f77532f67afc8a73d8e0c4adb0d195df57714/pkg/subscriptions/subscriptions.go#L349",[290,284,291],[359,295],{"url":365,"sources":366,"tags":367},"https://nvd.nist.gov/vuln/detail/CVE-2024-9341",[291],[368],"Advisory",{"url":370,"sources":371,"tags":372},"https://github.com/containers/common/commit/e7db06585c32e1a782c1d9aa3b71ccd708f5e23f",[291],[295,373],"FIX",{"url":375,"sources":376,"tags":377},"https://github.com/containers/common",[291],[378],"PACKAGE",{"url":380,"sources":381,"tags":382},"https://github.com/advisories/GHSA-mc76-5925-c5p6",[291],[368],[],{"date":385,"score":280,"percentile":386},"2026-06-05",0.76054,[388,392,395,398,400,403,407,410,413,416,419,422,425,429,432,436,439,442,445,448,451,454,457,459,462,465,468,471,474,477,480,482,484,486,489,491,494,497,500,503,506,509,512,516,519,522,525,528,531,533,536,539,542,545,548,551,554,557,560,563,566,568,571,574,577,580,583,586,589,592,595,598,601,604,607,609,612,614,617,619,622,625,628,631,634,637,640,643,646,648],{"date":389,"score":390,"percentile":391},"2025-11-04",0.00374,0.58363,{"date":393,"score":390,"percentile":394},"2025-11-05",0.58346,{"date":396,"score":390,"percentile":397},"2025-11-06",0.58347,{"date":399,"score":390,"percentile":391},"2025-11-07",{"date":401,"score":390,"percentile":402},"2025-11-08",0.58361,{"date":404,"score":405,"percentile":406},"2025-11-09",0.00998,0.76256,{"date":408,"score":405,"percentile":409},"2025-11-10",0.7624,{"date":411,"score":405,"percentile":412},"2025-11-11",0.76241,{"date":414,"score":405,"percentile":415},"2025-11-12",0.76262,{"date":417,"score":405,"percentile":418},"2025-11-13",0.76269,{"date":420,"score":405,"percentile":421},"2025-11-14",0.76275,{"date":423,"score":405,"percentile":424},"2025-11-15",0.76271,{"date":426,"score":427,"percentile":428},"2025-11-16",0.00972,0.75929,{"date":430,"score":427,"percentile":431},"2025-11-17",0.75921,{"date":433,"score":434,"percentile":435},"2025-11-18",0.02018,0.82295,{"date":437,"score":434,"percentile":438},"2025-11-19",0.82296,{"date":440,"score":434,"percentile":441},"2025-11-20",0.823,{"date":443,"score":427,"percentile":444},"2025-11-21",0.75947,{"date":446,"score":427,"percentile":447},"2025-11-22",0.75948,{"date":449,"score":427,"percentile":450},"2025-11-23",0.75933,{"date":452,"score":427,"percentile":453},"2025-11-24",0.75934,{"date":455,"score":427,"percentile":456},"2025-11-25",0.75943,{"date":458,"score":427,"percentile":447},"2025-11-26",{"date":460,"score":427,"percentile":461},"2025-11-27",0.75951,{"date":463,"score":427,"percentile":464},"2025-11-28",0.75938,{"date":466,"score":427,"percentile":467},"2025-11-29",0.75942,{"date":469,"score":427,"percentile":470},"2025-11-30",0.7594,{"date":472,"score":427,"percentile":473},"2025-12-01",0.76068,{"date":475,"score":427,"percentile":476},"2025-12-02",0.76074,{"date":478,"score":427,"percentile":479},"2025-12-03",0.76064,{"date":481,"score":427,"percentile":453},"2025-12-04",{"date":483,"score":427,"percentile":456},"2025-12-05",{"date":485,"score":427,"percentile":447},"2025-12-06",{"date":487,"score":427,"percentile":488},"2025-12-07",0.75944,{"date":490,"score":427,"percentile":447},"2025-12-08",{"date":492,"score":427,"percentile":493},"2025-12-09",0.75975,{"date":495,"score":427,"percentile":496},"2025-12-10",0.76,{"date":498,"score":427,"percentile":499},"2025-12-11",0.76019,{"date":501,"score":427,"percentile":502},"2025-12-12",0.76042,{"date":504,"score":427,"percentile":505},"2025-12-13",0.76044,{"date":507,"score":427,"percentile":508},"2025-12-14",0.7604,{"date":510,"score":427,"percentile":511},"2025-12-15",0.76037,{"date":513,"score":514,"percentile":515},"2025-12-16",0.01179,0.78204,{"date":517,"score":514,"percentile":518},"2025-12-17",0.78212,{"date":520,"score":514,"percentile":521},"2025-12-18",0.78228,{"date":523,"score":514,"percentile":524},"2025-12-19",0.78238,{"date":526,"score":280,"percentile":527},"2025-12-20",0.75069,{"date":529,"score":280,"percentile":530},"2025-12-21",0.75063,{"date":532,"score":280,"percentile":530},"2025-12-22",{"date":534,"score":280,"percentile":535},"2025-12-23",0.75059,{"date":537,"score":280,"percentile":538},"2025-12-24",0.75068,{"date":540,"score":280,"percentile":541},"2025-12-25",0.75093,{"date":543,"score":280,"percentile":544},"2025-12-26",0.7509,{"date":546,"score":280,"percentile":547},"2025-12-27",0.75141,{"date":549,"score":280,"percentile":550},"2025-12-28",0.75073,{"date":552,"score":280,"percentile":553},"2025-12-29",0.75072,{"date":555,"score":280,"percentile":556},"2025-12-30",0.75086,{"date":558,"score":280,"percentile":559},"2025-12-31",0.75107,{"date":561,"score":280,"percentile":562},"2026-01-01",0.75249,{"date":564,"score":280,"percentile":565},"2026-01-02",0.75253,{"date":567,"score":280,"percentile":565},"2026-01-03",{"date":569,"score":280,"percentile":570},"2026-01-04",0.75119,{"date":572,"score":280,"percentile":573},"2026-01-05",0.75112,{"date":575,"score":280,"percentile":576},"2026-01-06",0.75128,{"date":578,"score":280,"percentile":579},"2026-01-07",0.75137,{"date":581,"score":280,"percentile":582},"2026-01-08",0.75151,{"date":584,"score":280,"percentile":585},"2026-01-09",0.75155,{"date":587,"score":280,"percentile":588},"2026-01-10",0.75156,{"date":590,"score":280,"percentile":591},"2026-01-11",0.75145,{"date":593,"score":280,"percentile":594},"2026-01-12",0.75131,{"date":596,"score":280,"percentile":597},"2026-01-13",0.75132,{"date":599,"score":280,"percentile":600},"2026-01-14",0.75159,{"date":602,"score":280,"percentile":603},"2026-01-15",0.75166,{"date":605,"score":280,"percentile":606},"2026-01-16",0.7518,{"date":608,"score":280,"percentile":606},"2026-01-17",{"date":610,"score":280,"percentile":611},"2026-01-18",0.75163,{"date":613,"score":280,"percentile":588},"2026-01-19",{"date":615,"score":280,"percentile":616},"2026-01-20",0.7516,{"date":618,"score":280,"percentile":603},"2026-01-21",{"date":620,"score":280,"percentile":621},"2026-01-22",0.75169,{"date":623,"score":280,"percentile":624},"2026-01-23",0.75196,{"date":626,"score":280,"percentile":627},"2026-01-24",0.75204,{"date":629,"score":280,"percentile":630},"2026-01-25",0.75189,{"date":632,"score":280,"percentile":633},"2026-01-26",0.75188,{"date":635,"score":280,"percentile":636},"2026-01-27",0.75197,{"date":638,"score":280,"percentile":639},"2026-01-28",0.75205,{"date":641,"score":280,"percentile":642},"2026-01-29",0.75201,{"date":644,"score":280,"percentile":645},"2026-01-30",0.75202,{"date":647,"score":280,"percentile":627},"2026-01-31",{"date":649,"score":280,"percentile":650},"2026-02-01",0.75323,[652,658,663],{"source":290,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":653,"cvss_v4_0":9},{"baseScore":654,"baseSeverity":655,"vectorString":656,"impactScore":4,"exploitabilityScore":657},5.4,"MEDIUM","CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:N",3.1,{"source":284,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":659,"cvss_v4_0":9},{"baseScore":282,"baseSeverity":660,"vectorString":285,"impactScore":661,"exploitabilityScore":662},"HIGH",7.8,7.2,{"source":291,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":664,"cvss_v4_0":665},{"baseScore":654,"baseSeverity":9,"vectorString":656,"impactScore":4,"exploitabilityScore":657},{"baseScore":666,"baseSeverity":9,"vectorString":667,"impactScore":9,"exploitabilityScore":9},5.8,"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:A/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N",[669,682,693],{"ecosystem":670,"name":671,"vendor":672,"product":673,"cpe_part":9,"purl_type":674,"purl_namespace":672,"purl_name":673,"source":9,"versions":675},"Go","github.com/containers/common","github.com/containers","common","golang",[676],{"version":677,"is_range":678,"range_type":679,"version_start":9,"version_start_type":9,"version_end":680,"version_end_type":681,"fixed_in":9},"lt0_60_4",true,"semver","0.60.4","excluding",{"ecosystem":9,"name":683,"vendor":684,"product":685,"cpe_part":686,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":687},"enterprise linux","redhat","enterprise_linux","o",[688,691],{"version":689,"is_range":278,"range_type":690,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"8.0","cpe",{"version":692,"is_range":278,"range_type":690,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0",{"ecosystem":9,"name":694,"vendor":684,"product":695,"cpe_part":696,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":697},"openshift container platform","openshift_container_platform","a",[698,700,702,704,706,708],{"version":699,"is_range":278,"range_type":690,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.12",{"version":701,"is_range":278,"range_type":690,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.13",{"version":703,"is_range":278,"range_type":690,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.14",{"version":705,"is_range":278,"range_type":690,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.15",{"version":707,"is_range":278,"range_type":690,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.16",{"version":709,"is_range":278,"range_type":690,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.17"]